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(57) Abstract 

In a method and a de- 
vice for partial encryption and 
pjoffltssive transmission of im- 
kgS! a fiist section of the im- 
aee file is compressed at leduced 
ciality without decryption, and 
a second section of the image 
filelscnciypicd. Users having 
access to appropriate decryption 
kcvwoKls can decrypt this sec- 
ond section. The first section 
together witii the decrypted 

section can then be viewed 
as a ftill quality image. The stor^ 

asc space required for stonng the 
fast and section together is es- 
sentially the same as tiie stor- 
age space required for storing 
^unencrypted full qua^^f 
ace By using the mediod and 
^vice as described herein stor- 
age and bandwidth requirements 
for partially encrypted ima^ is 
reduced. Furthcitnore, object 
based composition and process- 
ing of encrypted objects are fa 
ciUtaied. and ROIs can be tn 




based composition and prtxxss- 

ing of encrypted objects are fe- , ^;^t «m be decrypted and restored in the compressed domam. 
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A METHOD AND A DEVICE FOR ENCRYPTION OP IMAGES 

TECHNICAL FIELD . 

present iaventlon relates to a method and a devroe for 

encrypting images. 

BACKOROOHD OF THE IHVEHTION MID PRIOR MH 

Tc^tion of digital data 1= a technical 

Z^^t When transmitting and storing secret xnformatron or 
formation which only shall he availahle to a user PaV-^ 
the information. Thus, several methods for encrypting drgital 
Sta «e in £r«r.ent use. Such -etl»ds can also he aPPl-d also 
to digital image data. Examples o£ encryption methods are DBS. 
triple DBS and the public-key RSA method. 

Digital images can be stored on servers and distributed over a ^ 
rrdlication network as digital -^^^ 

^ distributed using a ^^-:::irsrrce"r t^ t^ s^^t^ 
service -"-^^^^^ ^"^H^text it might be suitable to 
their business ""^'l" 3^ Eull access to 

„„er P-^al " ^ ^.a must be 

rr^UrUrto prev«.t all users from having full access 
to all ixtiage data. 

offered for sale on the Internet. 
„ews photographs can -^' ^J'/^t^w customers to download a 
The service provider wants to a""" evaluation, 
version of the i^ge with reduced '^-^ '° and 
journals, that want to publish - "^^^^^J^,,. 
are then allowed to download a full quality xm 

However, such a service provider w»ts -^^^ fy^^ 
and download bit rates. «. .^ge ^l^^^^^J^l^,^ are given 

" '".m i:-Tri°e.'-sto..rs can view the i»age= at a 
away or sold for a low p viewing them at full 

reduced quality, but they must pay for ^^^^^^^ 
auality. m the case the image provxder wants 
quaiicy. ^ , r^ientlv as possible, 

space on the CD-ROM as effxcientiy 
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It is also essential that customers always can access images 
using user friendly, standardised software. Image providers are 
reluctant to design and support special image viewers and 
customers don't want a proliferation of viewing tools. 

presently, image providers have to store two versions of the 
images stored. The full quality version is stored as an 
encrypted image file. This means that the image first xs 
compressed and stored in a compressed file format such as JPEG 
or GIF. The compressed file is then encrypted using a suitable 
encryption tool and an encrypted image file is stored. The user 
must first decrypt this file and then access the resulting 
compressed image file using an image viewing tool. Reduced 
miality images are produced by processing the full quality 
Lges in an image editing program. They are stored as separate 
compressed image files. 

^ problem wit. this solution are that at least ^« 
«„ioas o£ the sane i^ge need to be stored. •"<"^' 

version. 

^3 results in a significant disadvantage i£ the reduced 
_ion i^ge contains^a -;;;ror1are\n:urnals would 
information. I»ages , good quality 

in particular be prcvxded for P"^^"^^" ' ^derstanding o£ 
since journal editors want to have ^^^^^^^^'^^..^ ^„ 
the image content and accepts only t a 

10-50% of the 

printing. The reduced quality image could require 
storage space of the full quality image. 

wnicn la. «c o n includes many new 

verification Model version 2.0. incl ^^^^^ 

functionalities in comparison witu ^ 

for creating a 

techniques. They include, in P---^^' ^^^^ ,pp,,cation domain 
wide range of progressive image formats. Each PP 
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can select a suitable progression mode. Individual objects 
Within i^ges can be accessed separately in tbe --^-^ 
bitstream and progressive transmission can be applxed also to 
objects, in JPEG 2000 there is also support for independently 
decodable coding units - 

SUMMARY 

It is an object of the present invention to overcome the 
problems as outlined above and in particular to reduce the 
Lount of memory required for storing an i^ge. whxch partxally 
shall be possible to view, and also to reduce transmission txme 
in a transmission scheme transmitting partially encrypted, 
images . 

This oblect ai^ others are obtained by a technique for partial 
encrvption and progressive transmission of images where a first 
:r=ron of the Ue file can be decompressed at reduced ^.ty 
without decryption, i.e. the first low quality .mage xs not 
I^crypted, and where a second section of the image fxle ra 
encrypted- 

image. The storage apace required for ""^"^ 

section together is essentially ^"^/r.^ llu" image. L 

rr: .tpe^^iron 

lZ Z.y a Slight e^cpansion of tbe second 
Tctfon co^ared to the unencrypted second section. 

=.n also be partitioned into multiple sections where 
The image can also be p individual encryption 

each section may he encrypted with an ^encrypted, 
method and Keyword. Some -"^^J^^^^^^^r/L described 
ftn important element o£ the method »^ ^^^^ 
. herein is that the co^ressed images co^ ist Jf 

independently decodable coding ' 7^ „^,essed 

possible to ^-^''-i:^^':zz :^:Zs. 

domain without performing entropy 

SUBSTTTUTE SHEET (RULE 26) 
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A reduced quality image can be produced according to several 
different main schemes, such as: 
1} Reduced resolution 

2) Reduced accuracy of the transform coefficients. 

3) Exclusion of predefined regions of interest (ROD 

' These methods can be combined so that a reduced quality image is 
e.g. produced by reducing both the resolution and the accuracy 
of the transform coefficients. 

By using the method and device for storing and transmitting 
iLge data as described herein, several advantages are obtained. 
Thus, there is no need to store two different versions of an 
i^ge if different users are to have access to different qualxty 
of L one and same image. Also, transmission times become much 
lower if the information content of the first, low resolution 
illge data can be reused when transmitting the higher resolution 
jjaage data. 

BEIEF DESCRIFTIOH OF THE DRAWIMOS ^.,,11 „d 

present Invention will now be described xn »°"^»'"^ ^ 

'■^^ ^ A-r-a^nas. in whxch: 



with reference to the accon^anying drawings. 

. Fi,. 1 is a general view o. '^J^^; ^Z^Zl' .Z.^^' 
. Pigs. 2a and 2b shows encryption of images coa 

the JPEG 2000 standard. carried out 

- Fig. 3 is a flow chart illustrating some steps came 

when encrypting an image. process. 
. Fig. 4 is a diagram illustrating a client server p 

- Fig. 5 is a view of an encryption header 

DETAILED DESCRIPTION „^„,^ture of an original, 

Fi,. a general view c. t.e .^le ,,,, 

.i,n ^^y=J^re;tTnlependently decodabXe coding 

consists o£ a "-^'^ °^ f "/j;;^ ale structure shown in Fig. 
sections 101, 103 ^ version o£ a high 

.he ^":;rc: ; ithoL encrvption and will therefore 

resolution image, is co«cva 
be possible to decode by any receiver. 

SUBSTITUTH SHEET (RULE 2S) 



PCT/SE99/02106 

WO 00/31964 ^ 

section 103, which con^rises data, which combined with the 
. 101 result in . meOluia resolution version o£ 

l-il... is encr^ted usin. a -^J— 
TOthod, and only receivers having access to the correct 
"c^;ion Key will he ahle to decode the data stored u> the 
section 103. 

The section 105, whioJ. con>prises data, which combined with the 
Tta Of section 101 and 103 results in a -"l"-™^"" 
Of the high resolution imge, is encrypted using a seco^ 
encryption method, and only receivers having access to the 
enc^tion key will be able to decode the data stored in the 
section 105, 

Thus decoding of the section 101 will result in a low 
roiution iige version 10,. oecryption ^ ^^L: ^ 
section 103 will, co^ined with the ^J^l^'l^J^^^ ^ 
101 result m a medium resolution image 111. Decryptio 
i \^^of the section 105 will, combined with the image data 
frTt: sJZ^ and 103 result in a full resolution image 



115. 



purthermore, i^lementation in -^"".rrrtr^Ion 
.Ol, see Oharllaos Chri^t^cs .ed. ^^^O^ 

roMrsram^L mserted in the bitstream so that a wide 
range of progressive modes can he supported. 

^^t o a coding unit is a part of 
in JTEG 2000 verification model * =° ^ ^ given 

the bitstream that encodes a ^P^^f = -^^^^tToribed as any 
su^band. m general, a '""^/tntormation. The general 

...ependently is to include so 

7:zz::i^::^^^^- - r -rrhetirru is ^ 

sufficient to specify the suhband ^^^^/^ ^,,,,r that 

— ITerauir:::!^ r or thrs'Umg the hits that 
are needed for inserting explicit tags. 
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in Figs. 2a and 2b block diagrams describing how encryption can 
be implemented in the JPEG 2000 encoder and decoder 
respectively, are shown. 

Thus, in Fig 2a a block diagram where encryption is P-^°-^^ 
afte; entropy coding in the encoder is shown, Codxng ^.ts enter 
an entropy coding block 201. In the block 201 coding the codxng 
units are entropy coded using some suitable entropy code. The 
output from the block 2 01 is fed to a selector wh^ch selects a 

suitable encryption method for each entropy coded codxng unxt. 

some coding units can be selected to not be encrypted at all. 

in response to the selection made in the selector 203 the 
entropy coded coding units are encrypted in a block 205. The 
encrypted coding units together with the not --^^^^^^^^f ^ 
units then form a combined output data stream, whxch can be 
Stored or transmitted. 

response to selection ^de in the --"-//^^f^..^, . 
entropy oodea coding unite are ^^^^^^^^ir,, units are 

suitable -=--';-j;|:rTn-tirrcr.=S t.e coding units 
then £ed to the block 255^ I aecrvption 
from fad directly from the selector eombined 
block 253 are entropy ^^.".'t^n which is fed 

output data stream correspondans to the data 
to the entropy coding block 201 in Fig. 2a. 

<„ the transmission scheme as shown In the 
Each coding ^ independently encrypted block. 

Pigs. 2. and 2b xs ^'■^^'^ZLZ separately with «>y user 
Bach coding unit can ^^^T .ZZn. units in the same image 
rrerr^TerwItrdt^srlt encryption methods, .he 
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encryption method used can further be an encryption algorithm 
coiined with a keyword or a method for generating Keywords. 

Different encryption methods can in such an embodiment Mve 
identical algorithms but different Keywords. ^^-VPtron Method 
Description (EMD) as shown in Figs. 2a and 2b is any global data 
^^a's session Keywords or algorithm identifiers "^eed 
to specify the Encryption Method. Onit Encryption State (OES) rs 
a symbol that for each coding unit defines how it .s encrypted. 

in Fig. 3, a flow Chart illustrating different steps carried out 
When encrypting an image are shown. First, in a step ^ 
image to be partially encrypted is received. The rmag. recei«d 
in step 301 is then coded using a coding algorithm generating 
indepeLently decodable coding units, e.g. OFEO 2000, xn a step 



303. 



^.r, 305 some of the coding units of the image coded 
Next, in a step 305, some or .^^^^ encryption method, 

in step 303 are encrypted using some suitable ^^^^ 

V, = np<! The coding units that are chosen to be encryp 

such as DBS. Tne coaiuy ^gj^ 

K« in accordance with user preferences. Thus. ^ u 
can be set in accoraan ^^^^^^^i^g to ROls, higher order 
Chose to have coding units co-e^P-<^^g ^^^^^^ ^^^^ 

bit-planes, etc, encrypted. Finally. ^ ^ 

and the coding units which are not encrypted are merg 
single bit stream. 

, Pia 4 a flow Chart illustrating a client-server process^ 
r fitting an i^ge enc^ied — -."I 
.escribed in -^-"^^ "r/o^ TL c^nt «1 can then issue 
rre::e:r:ras'th: ::::er .03 for a particular image, step 



405. 



renlies by transmitting the coding units of the 
The server 403 replies by encrypted 
i^,e Which are not enc^«d^ ^^^^^^ ^^^^ 
coding units can be decoded ny £ul.i i^ge. 

access to a low ;n tit mty "sh to have access to 

Based on this ^-^'^^'^^j:^^:'^ the'fuU image, xf so the 
the image in a higher resoiuc 
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client transmits a request to the server requesting such 
information, step 409. 

The server replies by sending a request to the client requesting 
the client to agree to the conditions for transmitting the 
higher resolution version of the image, step 411. If the client 
agrees via a message 413, e.g. comprising a card number or 
account number from which to bill the cost for the image, the 
server sends the encrypted coding units together with a key word 
by means of which the encrypted coding units can be decrypted, 
step 415. A secure method for key distribution should be used. 
Examples of such secure methods are described in W. Stallings 
"Data and computer Communications-, p 635 -637. Prentice-Hall 
1997 fifth edition ISBN 0-13-571274-2. 

If the client already has access to the unencrypted and 
encrypted coding units, for exai^le if he has purchased a CD-ROM 
with images coded as described herein. The scheme as described 
in conjunction can be modified so that no image data xs 
Trrsmltted. Instead the client only agrees to editions set by 
.be server in order to have access to the key word s) w^ch are 
required to decrypt the encrypted coding unxts of the CD ROM. 

Tn the case when the method and device as described herein is 
Tsed whin eroding image according to the ^.O ^^oo ^^J^ 

IS advantageous if the .PKa 2000 ^^^^f /j:\rjc^^^^^^^^^^^ 
encryption methods. An Encryption Header that xs xnclu 
t^^header or optionally an Encryption Tag that xs merged wxth 
re L^O 2000 Tags can instead be used to specify how codxng 
xmits are decrypted. 

Xn such an r^ris"^ 

(EF) EF Is then set l£ any coding unit is 

Z V^^L Heaaex ,BH, shouX. then he appended to 
:::TEr.000 l^^e header and encryption infor^tion can 
optionally be merged into JPEG 2000 Tags. 

I„ Pig. = an encryption header is shown. """^^ 
can in such an ena>odi.ent contain the following sy^^s. 

SUBSTTTUTE SHEET (RULE 28) 
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1) Encryption Mode (EM) . A set of standard encryption modes are 
defined e.g. 

a) one encryption, method is used for all coding units 

b) Bitplanes of less significance than bitplane X are encrypted 

c) Subbands of higher resolution than Y are encrypted 

d) ROIs specified in are encrypted, etc. 

NO encryption information need to included in the Tags if an EM 
is defined. 

2) Encryption Mode Parameters (EMP) . Parameters (X. Y. ...) that 
are used to define the Encryption Mode are set here. 

3) Number of encryption methods used. Several encryption methods 
can be used within the same image if e.g. different user groups 
should be allowed to see different image content. 

4) one Encryption Method Descriptor (EMD) for each encryption 
method. The EMD defines any data that is needed by the 
^^tion/decryption module. The type of encryption algorithm 
"Tfined. A typical use of EMO will be to include a Keyword 
11 is encrypted by a public Key algorithm. The user suppl.es a 
private Key for decrypting the enclosed J^^,^, 

each encryption method. This au»ber is used in DES ^ 

5, The hitstree» n«st for each coding unit -P-"^ " it is 
encrypted and if so hy what ^thod. This is done --'^ 

t: rr.r:irr\:ToL:rd\rth:i::^ryrtron he^er or 
rr::: .i=-uted in ^:^'^:z^^. . 

tags. If the OES information is Kept in 'be ^=ryP 
define a header element - Encryption State 
a series of res symbols that are listed in the same 
coding units appears in the bit stream. 

IP EF is set and the Encryption State is not given in the 

SUBSTTTUTE SHSET (RULE Xl 
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he»d«r. JPEG 2000 Tags can be expanded to contain Onlt 
^:^;ion State (^) syn^ls. OBS defines whicU encryption 
Tt^, if any. that is used tor encrvpting t.e next cod^g 
unit. 

The tranaton. coefficient, belonging to a ROI can be 
Ascribed abo«. Tbey can be co^ietely or P-t.aUy anc^-d 
by selecting appropriate coding units belong^g to the EOI 
encryption. 

The «ain problem is that the shape of the ROI might 
intent. Xf the shapes are encrypted it is, 
to Show a reduced quality image since it is difficult to 
interpret the coded transform coefficients. 

This problem can be solved by defining a so called cloa>.ing^ 
r /<n =hane) Thus, the real shape of one or several EOIs are 
shape I T'J^ The c- shape is designed to 

comoletely enclosed m cne c o r-- 

ITreveal sensitive l»age content. A si-ple exa^^le of a 

shape is a boiinding box. 

i« -onr in the JPEG 2000 bit 

^ -^Z:' Xt^rcred^rtirenrry^tion as descried in 
stream. The c-shape is cod verification Model 

Charilaos '^^hl' t^ll^e as described therein 

Tstr rertirthi: z i ^^^^ - - - 



header. 



. masK is created using -^J"- ^ ^ "od ^ -^-P""^ 
coefficients belonging to the c-shape .s ccd 

using the method as described """^ ^^^^^^ „e shielded 

-^"TprLrrr^ter z tz::. .xs is thus 

by the c-shape are encxyf 
protected by encryption. 

The Shape of elc:;^ te^ — P-^^^^ 

encryption header. The corresponding c-shape. 

—0:^:: r- = ru^LryPted bacground. The c 
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.hape displayed as a blaiJc region. The original ROIs can 

be decoded if the Keyword is lmo«n. This is done by ^"-^^l^^ 
the coefficients belonging to the c-shape. The shape of each SOI 
belonging to the c-shape is also decrypted. The bitstrea. can 
now be rearranged so that the c-shape is dropped and the 
original FOI data structures are restored. Note that thxs iS 
done in the conpressed domain. 

The maslc that is used for encoding a ROI is not -^^^/^f 
in JPEG 2000. A mask that is sufficiently large so ^^^^^^/^^ 
is encoded lossless will often cover the whole lower ^ 
„.ask that is not allowed to expand will lead to a lossy encodxng 
of the ROI. The masks belonging to different ROIs or to a ROI 
and the background can be designed to overlap. This means that 
some coefficients are encoded in more than one ROI. Such 
overlap will lead to a reduced overall compression but the ROis 
Te i^re independent so that any ROI can be accessed and decoded 
with a good visual result. 

..e partial encryption method for ROIs ^^^^^^ J^:^, 
. \^r.^ Of the choice of mask as long as the mask is seiecue 
dependent of the cno reconstructed from the 

so that the content of a ROI cannoc building a 

content of any other ROI or -kgr-d - met.^ - ^^^^^^^^ 
n^ask that hides the content of the ROI is des 
Christopoulos (ed.). JPEG 2000 Verification Model 

mother advantage is that encryption ^'^^""^^^ Zs^^-^o. 

performed at the sa„e ti.e as ^^^'^^'^l^^ the 

L process ta^s place i™.= — 

:rc™on=-r Lcryption — 
transmitting the image by a parser (tran 
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CLAIMS 



1. K method of partially encrypting image data comprising the 

steps of ; . . 

- coding the image data using an encoding algorithm generating 

independently decodable coding units, 

- encrypting at least one of the coding units, and 

- merging coding units which are not encrypted with coding unxts 
which are encrypted into a combined bitstream. 

2 A method according to claim 1, characterised in that the not 
encrypted coding units correspond to a low resolution version of 
the ijaage data* 

3 A method according to any of claims 1-2, characterized Im 
titat different coding units are encrypted using different coding 
metliods . 

4. A -thod .ccordina to any of =l.i~ 1-3. ch«.cteri«a in 
that an encryption flag, which indicates if a cod^, unit .s 
.ncrypted, i. inaerted in the bit stream. 

^ ^Ti^wc: 1 - A when information 

5. A method according to any of claims 1 4, wnen 

corresponding to a Region of interest is ,3 
cl^acterized in that the shape of the region of interest 
enclosed in a cloaking shape. 

• * r,»rtial encryption of image data characterized 

6. A device for partial encrypwx 

traTco^^^n: Tl^^r. fo. enc^ptin, at ieaat 

one of the codin, ^^.^ „ot encrypted with 

- .eans for merging ^o*-'^^^ ,l«trean. 
coding miits which are encrypted, as a co 

to claim 6, eharaoteriied by means for 

" " i::Z^^^^^ « -"'^^ corresponding 

selecting the not encryp^iewi ^ 

tc a low resolution version of the image data. 
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8.. A device according to any of dai^ 6 - 7. ^ 
^ «r-«.=ryptin, coding units us«g different 

coding mctliods. 

9 K device according to any of claiMe e - >. cl»«ot«i.^ by 
:;^sTor inserting an encryption flag, which indicate, if . 
coding miit is encrypted, in the bit stream. 

xo. K device according to any of clal« 6 - s. 

^ for enclosing a region of interest shape ^ a doak^g 

shape. 
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